EXPERT SPEAK
Karthik Santosh , Regional Security Architect , StarLink IT security
Security changing in phase with technology cycles
Every organisation day in and day out has to deal with advanced threats as well as abide with regulations to safeguard personally identifiable information to avoid reputational loss along with financial loss .
Some of the major trends in IT security appear below .
Ransomware Ransomware with its various forms are designed to attack all levels of the enterprise network , and is now very much a prevalent and pervasive threat actor . The first half of 2016 saw a steep rise in several ransomware families designed to attack enterprise endpoints and equipment .
Enterprises should be geared with multi-layered security defenses to be in position to counteract these threats , which attempt to penetrate enterprise networks at any time .
Internet of things It is a known fact that IoT has transformed entire businesses and brings tremendous benefits while at the same time brings new risks to tackle . From smart phones to smart cars to critical infrastructure , we need to securely protect and manage the connected devices and its communications , and deliver advanced analytics to detect sophisticated and stealthy threats to IoT systems . Its absence would have catastrophic effects on a business due to the nature of IoT phenomena , which is why it is one of the biggest trending issues in IT security .
Organisations now look beyond their boundaries for expert assistance in securing their enterprise
Managed security With the shift in ideology of how to maintain an accepted level of risk with the optimal balance of skilled force , whilst constantly scanning and preparing to counteract an ever-so evolving threat landscape 24x7x365 , there has been exponential growth in managed security services in recent times . Organisations now look beyond their boundaries for expert assistance in securing their enterprise .
Intelligence driven security Intelligence driven security capabilities help organisations minimise the risks of operating in the digital jungle . Through consuming and parsing raw events and flows at a blink of eye , simultaneously there should be use of behavioral analytics to quickly respond to security incidents with the help of advanced machine learning algorithms .
This gives the ability to detect , investigate , and respond to unknown advanced threats , protect identities , which prevent cybercrime . Need of the hour is the intelligence-driven approach which is riskaware , agile , achievable and future proof .
Regulatory changes , European , US Due to stringent regulations on data protection and privacy as well as evergrowing challenge to meet with complex compliance regarding protection , personally identifiable information is pushing organisations towards managed security services . This trend is quite evident in information sensitive domains like healthcare , banking , finance and insurance .
Forensics The field of cybercrime investigation and digital forensics has become extremely crucial for information assurance , law enforcement , national security . The ever increasing complexity of secure information communication and networking infrastructure is making investigation of cybercrimes challenging . The bread crumbs of illegal events are often buried in enormous piles of data that need to be strained through in order to detect crimes and collect the required evidence .
Forensics data analytics Forensics data analytics looks at preventing and detecting fraud by leveraging information in organisation data assets . Meaningful patterns and correlations can be derived in existing historic data sets to predict future incidents and evaluate the reasons for fraudulent activities . This has long been overdue as a subject and its adoption within the industry .
Smart IoT Forensics Internet of Things adoption will change security guardians understanding of network perimeter , pen tester perspective of attack models , forensics analyst ability of investigating smart devices and incident handler views on the methods for containing incidents . As more and more organisations are adopting IoT devices the development of privacy , security , forensics and incident detection capabilities would be an important challenge .
68 Issue 01 INTELLIGENT TECH CHANNELS